package com.em.tuppence.web.security.openid;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.openid.OpenIDAuthenticationFilter;

import com.em.tuppence.core.model.application.User;

public class RegistrationAwareOpenIDAuthenticationFilter extends OpenIDAuthenticationFilter {

	private RegistrationTargetUrlRequestHandler registrationTargetUrlRequestHandler;

	@Override
	public Authentication attemptAuthentication(HttpServletRequest request,	HttpServletResponse response) throws AuthenticationException, IOException {

		try {
			return super.attemptAuthentication(request, response);
		} catch (AuthenticationSucessButMissingRegistrationException e) {

			final User user = e.getErrorUser();

			try {
				final HttpSession session = request.getSession(false);
				session.setAttribute("open-id-user-object", user);
				registrationTargetUrlRequestHandler.handle(request, response, null);
			} catch (ServletException se) {
				throw new IllegalStateException(se);
			}

			return null;
		}

	}

	public void setRegistrationTargetUrlRequestHandler(RegistrationTargetUrlRequestHandler registrationTargetUrlRequestHandler) {
		this.registrationTargetUrlRequestHandler = registrationTargetUrlRequestHandler;
	}

}
